<div>
  Whether to request the SAML IdP to force (re)authentication of the user, rather than allowing an existing session with the IdP to be reused.  Off by default.
</div>
